I chose NextCloud in favor of OwnCloud, if you prefer OwnCloud you can still use this How-To besides some details as it's basically the same software. I would say read up on NextCloud.

Next to that I used Nginx as my webserver. I did this mostly out of curiosity. I'm quite used to Apache and just wanted to try something else. Also 'they say' Nginx is more lightweight then Apache. With the B3 in mind that would make sense.

As a db backend I went for MariaDB (which is just a renamed MySQL) as you all may be aware of. So nothing fancy here.

I'm going to be posting a few posts here, with as goal to split it up in chapters.

I also tried to add the links to the webpages where I found the info.
1) just for reference
2) to credit the other people

Ok let's do this!

Last edited by pompopom on 29 Mar 2018, 11:18, edited 2 times in total.

In addition to the fresh install of my B3 I have chosen to put /home underneath / and no longer in a dedicated partition as my /home will stay rather small, it's not that I'm using my B3 as my desktop.

The "large" partition (originally /home) has been renamed /data
To do so:

These next few steps might be optional if your system is already running for a while.
If you start from a clean setup after completely re-installing your B3,
do a quick crosscheck to see if everything is in place.

Let's set some fixed IP-addresses.
I prefer to do this one by one. So leave at least one of both interfaces in dhcp mode untill you are sure the config from the second network card is completely functional.

First edit /etc/network/interfaces
Pay special attention to the "source" line, there's an error in the default one.
Basically I commented out the default values and added the correct "source" line

Like I said, create this one by one!!
Do a reboot in between each config change, and make sure you can ping the interface you just edited.
Yes a reboot, not a simple network restart.
systemctl restart networking.service does not bring up the interface so you're shooting in your own foot

Last edited by pompopom on 29 Mar 2018, 17:11, edited 1 time in total.

Install certbot - Let's encrypt (https://letsencrypt.org/)
If you're going to use another CA, or you already have your SSL-certs, you can skip this. Either way it's strongly recommended to use SSL (httpS) nowadays.
Edit sources.list

root@b3:~# nano /etc/php/7.0/fpm/php.ini
replace:
;cgi.fix_pathinfo=1 with cgi.fix_pathinfo=0
max_execution_time = 30 with max_execution_time = 300
post_max_size = 8M with post_max_size = 128M (or more or less, depends on what you need to upload)
upload_max_filesize = 2M with upload_max_filesize = 64M (or more or less, depends on what you need to upload, but at least less then post_max_size)

add the following lines, at the bottom of the file, right before "; Local Variables:"

Install NextCloud via occ
(must be done with sudo -u www-data from within the nextcloud folder)
admin user + password is the user you like to be created as a default administrator within NextCloud
Although we use MariaDB you put "mysql" as database type (they are the same in th end)

Move contents of NextCloud data folder to the data folder you prepared in the beginning.
I made a subdir first in /data to keep things separated if I needed to add something else.
It is by the way recommended that you never edit the data folder contents manually.
NextCloud needs to be the ONLY one writing into that folder.
So:

Remark:
- The "fastcgi_read_timeout 600" in your webhost config, can be reduced to 300 (php.ini max_execution_time)
I have put it somewhat higher for initial syncing => 50GB data (higher load). Once the initial is finished,
I'm going to put it back to a lower value also. You'll notice (a lot) fast_cgi timeouts in the logging
otherwise, which makes the sync last 'forever'.
- I do not recommend to use the webinterface on a daily basis. It is sloooow. Remember that after all you are
running this quite resource intensive tool on a small box. Install the sync clients and let it run on it's own
pace in the background. I have used OwnCloud on my B3 previously with 7 desktopclients (win/linux mix) and never had
an issue performance wise. It's the initial sync that matters.
- That said: try not to rename/move/... large folders every 5 minutes
- If you're connecting your box to the internet so you can sync your files from anywhere, I would recommend installing some firewalling, like ufw. As we have 2 interfaces on our B3, I would lock down everything (besides 80 and 443) on the port connected to the
internet, and have ssh opened only on the port connected to the internal network.https://wiki.debian.org/Uncomplicated%2 ... 0%28ufw%29
andhttps://serverfault.com/questions/27071 ... face-basis
- Do a test for security when finished: https://www.ssllabs.com/ssltest/

Last edited by pompopom on 29 Mar 2018, 11:14, edited 1 time in total.